Untrusted computer accounts

My job is NOT using PowerShell and I have an issue with it, so I’m trying to change that. When a computer account becomes stale we need to go into ADUC and manually delete the computer account. Using PowerShell can automate that task, but our Windows engineer is not a firm believer in automation so he would rather do it manually. No one is cleaning AD so we have over 2,000 computer account. I think I am wasting my time and knowledge. This is one of the many reasons we should use PowerShell. I would like some suggestions.

I’d suggest finding a new job.

Not being sarcastic. It’s what I’d do. I’m not sure what other options you have, if neither your employer nor your coworker wants to change. Frankly, I’d be terrified of working for a company like that, because I imagine this to be the least of their management problems.

Or, if I may, don’t find a new job. I assume you like the job you have or you would already be looking?

I face the exact same problem, except it’s with Computer Objects AND User Objects. I reached out to other members of my IT team, and they shrugged their shoulders and said they couldn’t get any traction on cleaning up AD. “Why?” I asked. “Legal,” was the answer. So I reached out to my Risk and Compliance Officer, who is in Legal, and asked the question. I laid out why it was an issue for us to leave those objects there. I explained the methodology for cleaning them up. And I explained how it would leave us in a better place from both a security and a housekeeping perspective. And suddenly I had an ally who ran the flag up the pole to her boss, who had no idea the issues it was causing us. He’s now pursuing it further with other departments. Will it get resolved to my satisfaction? Remains to be seen, but at least I asked the question and got someone to consider it.

Sometimes change isn’t easy to initiate, especially if you’re the only one that sees the need for a change. However, if you pick your battles wisely, get an ally or two on your side, and show how the proposed change will save time (and as all of us in IT know, Time=Money) you may build up enough momentum to get that change pushed through. Or you may find that “we’ve always done it this way, but we don’t remember why.”

So don’t give up. You’re on the right track; you just need someone else to see your point and agree with you.

As Rich said , getting allies outside of the IT is sometimes the way to help as obviously you care enough for your work place, even more then that windows engineer guy which should be looking for a new job and not cause your IT and organisation drawbacks for his stone age methods.

Head of IT and CTO then CEO, if the entire chain of command cant see the benefits of your work, then yes a new job is needed. If someone does listen openly, you’ve got a chance.

Organizations that aren’t quick enough to adapt because their IT becomes a barrier instead of an enabler, will have two options: to cease existence or get rid of the IT. When that happens if you show your managers how vital you are with automating , then your likely to keep your job. Or they wont care and then you’ll need a new job anyway.